Stm32h7 CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (8 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2021-34268	1 St	2 Stm32cube Middleware, Stm32h7b3	2024-11-21	4.6 Medium
An issue in the USBH_ParseDevDesc() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below causes a denial of service (DOS) via a malformed USB device packet.
CVE-2021-34267	1 St	2 Stm32cube Middleware, Stm32h7b3	2024-11-21	4.6 Medium
An in the USBH_MSC_InterfaceInit() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below causes a denial of service (DOS) when the system tries to communicate with the connected endpoint.
CVE-2021-34262	1 St	2 Stm32cube Middleware, Stm32h7b3	2024-11-21	6.8 Medium
A buffer overflow vulnerability in the USBH_ParseEPDesc() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below allows attackers to execute arbitrary code.
CVE-2021-34261	1 St	2 Stm32cube Middleware, Stm32h7b3	2024-11-21	4.6 Medium
An issue in USBH_ParseCfgDesc() of STMicroelectronics STM32Cube Middleware v1.8.0 and below causes a denial of service due to the system hanging when trying to set a remote wake-up feature.
CVE-2021-34260	1 St	2 Stm32cube Middleware, Stm32h7b3	2024-11-21	6.8 Medium
A buffer overflow vulnerability in the USBH_ParseInterfaceDesc() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below allows attackers to execute arbitrary code.
CVE-2021-34259	1 St	2 Stm32cube Middleware, Stm32h7b3	2024-11-21	6.8 Medium
A buffer overflow vulnerability in the USBH_ParseCfgDesc() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below allows attackers to execute arbitrary code.
CVE-2019-14238	1 St	12 Stm32f4, Stm32f4 Firmware, Stm32f7 and 9 more	2024-11-21	6.6 Medium
On STMicroelectronics STM32F7 devices, Proprietary Code Read Out Protection (PCROP) (a software IP protection method) can be defeated with a debug probe via the Instruction Tightly Coupled Memory (ITCM) bus.
CVE-2019-14236	1 St	12 Stm32f4, Stm32f4 Firmware, Stm32f7 and 9 more	2024-11-21	9.8 Critical
On STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and STM32H7 devices, Proprietary Code Read Out Protection (PCROP) (a software IP protection method) can be defeated by observing CPU registers and the effect of code/instruction execution.

Page 1 of 1.